Fighting Malware: SMB Security

As cybercriminals become more sophisticated in their techniques, they also become significantly more dangerous. malware is everywhere today — and small business owners are among their most sought after targets.

Protecting yourself from malware begins by educating yourself regarding what malware is and how to reduce your personal risks. Though malware may be extremely pervasive today, just like other types of crime, they generally look for the weakest victims; if your system is protected, they may simply move on.

A cyber criminal will seek out vulnerable targets and will attempt to breach their targets security. Malware is not unlike any other form of robbery. Once in, the cyber criminal will either collect information for identity theft or attempt to steal documents and financial information directly.

A cyber criminal may attempt to steal intellectual property or may collect banking information for the purposes of fraud. Either way, the ultimate goal for a cyber criminal is generally cash: the primary motive behind cyber crime is money.

This is one of the many reasons that cyber criminals tend to target small business owners. Individuals may have lax personal-network security by comparison but they generally don’t have as much money as a small business.

Meanwhile, larger enterprises may have more money but tend to be better protected. Small business owners are, thus, the ideal type of target.

► Methods Of Operation

There are many methods that cyber criminals may use to breach the security of a business — even though the ultimate goals tend to be the same. It’s important that you are able to identify the different types of malicious program so that you can protect yourself.

There are two major things that define a malicious program: the type of distribution and the type of exploit. Distribution is how the malicious program gets on a computer or device while the exploit itself is what the program does.

♦ Email Attachments – Email distribution is the most popular type of distribution for malware. An email attachment can easily be disguised as a type of document that it isn’t — for instance a .JPG or .PDF may actually be an executable and malicious program.

Most employees today are aware that they shouldn’t open unsolicited email attachments, but these attachments can masquerade as important company files or personal correspondence.

Email security solutions can automatically scan email attachments to make sure that executable programs are not included in company emails or that employees are given a warning if they are.

,♦ Malicious Downloads – Malicious downloads often masquerade as useful utilities. They may appear to be something as simple as a file converter or an encryption program; either way, the program, when launched, will usually infect the target machine.

From there the download may do a variety of things; it may collect information and send it back to the cyber criminal or it may even lock and encrypt files and request a ransom for them. Either way, malicious programs are generally protected against through anti-virus solutions.

♦ Hidden Exploits – Rather than masquerading as another file entirely, hidden exploits embed themselves into otherwise useful programs and then distribute themselves through less than reputable websites.

An employee may believe that they have downloaded a commonly used program and not realize that there is an exploit buried within the code. To protect against hidden exploits, users have to be able to identify trustworthy websites. Firewall and anti-virus solutions can further protect against this type of system compromise.

♦ RAM Scraping – RAM scraping is a special type of malicious program that sorts through the memory of a computer system for valuable information. Important and (PII) personally identifiable information is often encrypted when it is transmitted, so it cannot be pulled out of data transfers.

However, before the data is encrypted, it can be stored in the memory of either a device or a computer. RAM scraping identifies this information before it has been encrypted and transferred.

RAM scraping is commonly used on point-of-sale systems, as they save and transmit large volumes of merchant-related data, including credit card numbers and bank account information. Protecting against RAM scraping is often done using a combination of anti-virus software solutions and firewalls, to identify any unusual activity.

Nearly all malware is based upon a simple premise: getting a user to open and install a program that has malicious code in it. This malicious code is then used to collect information or perform malicious actions as the cyber criminal desires.

It’s possible to greatly reduce risk simply through proper training, but accidents still happen — and this is where the need for antivirus software, encryption software, and a continuous data backup becomes necessary.

Advanced security solutions today don’t just look at a program to identify whether or not its malware but rather run behavioral analysis on the program to identify malicious actions.

► How Can You Protect Against Malware?

There are two parts to protecting a system against malware: identification and neutralization. Malicious programs must first be identified through the use of an anti-virus solution or firewall. Once it has been identified, it has to be quarantined and then removed from the system.

Small business owners can further protect themselves through the use of encryption software and data backups. Encryption software will protect confidential information from being used by a cyber criminal even if they are able to accessed said data, while an automated data backup solution will aid a small business owner in recovering their data following a breach.

Employees must also be knowledgeable about system security to reduce risk. They should be able to identify potentially dangerous programs and be able to avoid downloading software that could be potentially malicious. In the case of RAM scraping, small business owners need to protect themselves when working with intermediaries or third-party software solutions.

Point-of-sale systems are the most common type of RAM scraped program. A small business owner may not be able to secure the system itself, they can choose a system that has a solid reputation and ensure that they update it frequently. By keeping their system updated, they will be able to keep up with current exploits.

Malware is a constantly evolving threat. Just as security programs are developed to identify and fight them, the malicious programs themselves evolve to remain undetected.

Small business owners who want to protect their systems will need to be vigilant and remain knowledgeable regarding current exploits if they are to ensure the safety of their computer systems and their confidential information.

Though there are an ever-growing number of threats out there, it is possible to reduce risk through a combination of knowledge and software.